Managing users

Troubleshooting

Terraform variables

This document gives an overview of variables used in all platforms of the Tectonic SDK.

Inputs

Name

Description

Type

Default

tectonic_admin_email

(internal) The e-mail address used to: 1. login as the admin user to the Tectonic Console. 2. generate DNS zones for some providers.

Note: This field MUST be in all lower-case e-mail address format and set manually prior to creating the cluster.

string

-

tectonic_admin_password

(internal) The admin user password to login to the Tectonic Console.

Note: This field MUST be set manually prior to creating the cluster. Backslashes and double quotes must also be escaped.

string

-

tectonic_base_domain

The base DNS domain of the cluster. It must NOT contain a trailing period. Some DNS providers will automatically add this if necessary.

Example: openstack.dev.coreos.systems.

Note: This field MUST be set manually prior to creating the cluster. This applies only to cloud platforms.

[Azure-specific NOTE] To use Azure-provided DNS, tectonic_base_domain should be set to "" If using DNS records, ensure that tectonic_base_domain is set to a properly configured external DNS zone. Instructions for configuring delegated domains for Azure DNS can be found here: https://docs.microsoft.com/en-us/azure/dns/dns-delegate-domain-azure-dns

string

-

tectonic_bootstrap_upgrade_cl

(internal) Whether to trigger a ContainerLinux upgrade on node bootstrap.

string

true

tectonic_ca_cert

(optional) The content of the PEM-encoded CA certificate, used to generate Tectonic Console's server certificate. If left blank, a CA certificate will be automatically generated.

string

``

tectonic_ca_key

(optional) The content of the PEM-encoded CA key, used to generate Tectonic Console's server certificate. This field is mandatory if tectonic_ca_cert is set.

string

``

tectonic_ca_key_alg

(optional) The algorithm used to generate tectonic_ca_key. The default value is currently recommended. This field is mandatory if tectonic_ca_cert is set.

(optional) The size in MB of the PersistentVolume used for handling etcd backups.

string

512

tectonic_etcd_backup_storage_class

(optional) The name of an existing Kubernetes StorageClass that will be used for handling etcd backups.

string

``

tectonic_etcd_ca_cert_path

(optional) The path of the file containing the CA certificate for TLS communication with etcd.

Note: This works only when used in conjunction with an external etcd cluster. If set, the variable tectonic_etcd_servers must also be set.

string

/dev/null

tectonic_etcd_client_cert_path

(optional) The path of the file containing the client certificate for TLS communication with etcd.

Note: This works only when used in conjunction with an external etcd cluster. If set, the variables tectonic_etcd_servers, tectonic_etcd_ca_cert_path, and tectonic_etcd_client_key_path must also be set.

string

/dev/null

tectonic_etcd_client_key_path

(optional) The path of the file containing the client key for TLS communication with etcd.

Note: This works only when used in conjunction with an external etcd cluster. If set, the variables tectonic_etcd_servers, tectonic_etcd_ca_cert_path, and tectonic_etcd_client_cert_path must also be set.

string

/dev/null

tectonic_etcd_count

The number of etcd nodes to be created. If set to zero, the count of etcd nodes will be determined automatically.

Note: This is not supported on bare metal.

string

0

tectonic_etcd_servers

(optional) List of external etcd v3 servers to connect with (hostnames/IPs only). Needs to be set if using an external etcd cluster. Note: If this variable is defined, the installer will not create self-signed certs. To provide a CA certificate to trust the etcd servers, set "tectonic_etcd_ca_cert_path".

Example: ["etcd1", "etcd2", "etcd3"]

list

<list>

tectonic_etcd_tls_enabled

(optional) If set to true, all etcd endpoints will be configured to use the "https" scheme.

Note: If tectonic_experimental is set to true this variable has no effect, because the experimental self-hosted etcd always uses TLS.

string

true

tectonic_image_re

(internal) Regular expression used to extract repo and tag components

string

/^([^/]+/[^/]+/[^/]+):(.*)$/

tectonic_kubelet_debug_config

(internal) debug flags for the kubelet (used in CI only)

string

``

tectonic_license_path

The path to the tectonic licence file. You can download the Tectonic license file from your Account overview page at [1].

[1] https://account.coreos.com/overview

Note: This field MUST be set manually prior to creating the cluster unless tectonic_vanilla_k8s is set to true.

string

``

tectonic_master_count

The number of master nodes to be created. This applies only to cloud platforms.

string

1

tectonic_networking

(optional) Configures the network to be used in Tectonic. One of the following values can be used:

- "flannel": enables overlay networking only. This is implemented by flannel using VXLAN.

- "calico": [ALPHA] enables BGP based networking. Routing and network policy is implemented by Calico. Note this has been tested on baremetal installations only.

string

flannel

tectonic_pull_secret_path

The path the pull secret file in JSON format. This is known to be a "Docker pull secret" as produced by the docker login [1] command. A sample JSON content is shown in [2]. You can download the pull secret from your Account overview page at [3].